Java SecurityManager初识

说明

简介

根据Oracle官方对The Security Manager的说明：

A security manager is an object that defines a security policy for an application. This policy specifies actions that are unsafe or sensitive. Any actions not allowed by the security policy cause a SecurityException to be thrown. An application can also query its security manager to discover which actions are allowed. Typically, a web applet runs with a security manager provided by the browser or Java Web Start plugin. Other kinds of applications normally run without a security manager, unless the application itself defines one. If no security manager is present, the application has no security policy and acts without restrictions.

翻译为中文的意思是:Security Manager是用于对一个应用程序定义一个安全策略的对象。这个策略能够定义一些不安全或者是敏感操作。不被安全策略允许的操作将会抛出SecurityException。同样地，利用Security Manager还可以定义一些允许执行的操作。默认情况下，oracle已经对Security Manager能够控制的操作进行了说明Permissions in the Java Development Kit (JDK),包括Socket、文件、序列化、反射等权限。

# whether or not we allow an extra policy to be passed on the command line# with -Djava.security.policy=somefile. Comment out this line to disable# this feature.policy.allowSystemProperty=true

其中还包括了策略文件的定义：

1234

# The default is to have a single system-wide policy file,# and a policy file in the user's home directory.policy.url.1=file:${java.home}/lib/security/java.policypolicy.url.2=file:${user.home}/.java.policy